diff options
| author | cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-04 16:05:43 +0000 |
|---|---|---|
| committer | cevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-04 16:05:43 +0000 |
| commit | 8f7320ed810cf0409aadae175d42463fdaebe1ab (patch) | |
| tree | a377453041797461b6a81e430041adce3c875ad6 | |
| parent | 5e5e55cd471c1defe89f612dd7baf0515f33ece9 (diff) | |
| download | chromium_src-8f7320ed810cf0409aadae175d42463fdaebe1ab.zip chromium_src-8f7320ed810cf0409aadae175d42463fdaebe1ab.tar.gz chromium_src-8f7320ed810cf0409aadae175d42463fdaebe1ab.tar.bz2 | |
Canary HSTS for mail.google.com, based on enthusiastic support to try.
Review URL: http://codereview.chromium.org/6907015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@84070 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | net/base/transport_security_state.cc | 3 | ||||
| -rw-r--r-- | net/base/transport_security_state_unittest.cc | 12 |
2 files changed, 8 insertions, 7 deletions
diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc index 1a62669..1aab472b 100644 --- a/net/base/transport_security_state.cc +++ b/net/base/transport_security_state.cc @@ -592,10 +592,7 @@ bool TransportSecurityState::IsPreloadedSTS( {22, true, "\011encrypted\006google\003com", true, kGoogleAcceptableCerts }, {21, true, "\010accounts\006google\003com", true, kGoogleAcceptableCerts }, {21, true, "\010profiles\006google\003com", true, kGoogleAcceptableCerts }, -#if defined(OS_CHROMEOS) - // TODO(cevans) - unify this with Chrome. {17, true, "\004mail\006google\003com", true, kGoogleAcceptableCerts }, -#endif // Other Google-related domains that must use HTTPS. {20, true, "\006market\007android\003com", true, kGoogleAcceptableCerts }, {26, true, "\003ssl\020google-analytics\003com", true, diff --git a/net/base/transport_security_state_unittest.cc b/net/base/transport_security_state_unittest.cc index ebc2f7c..a8a3cafb 100644 --- a/net/base/transport_security_state_unittest.cc +++ b/net/base/transport_security_state_unittest.cc @@ -490,6 +490,10 @@ TEST_F(TransportSecurityStateTest, Preloaded) { EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "profiles.google.com", true)); + EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "mail.google.com", true)); + EXPECT_TRUE(state->IsEnabledForHost(&domain_state, + "chatenabled.mail.google.com", + true)); EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "entropia.de", true)); EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.entropia.de", true)); @@ -633,6 +637,10 @@ TEST_F(TransportSecurityStateTest, BuiltinCertPins) { EXPECT_TRUE(state->HasPinsForHost(&domain_state, "profiles.google.com", true)); + EXPECT_TRUE(state->HasPinsForHost(&domain_state, "mail.google.com", true)); + EXPECT_TRUE(state->HasPinsForHost(&domain_state, + "chatenabled.mail.google.com", + true)); EXPECT_TRUE(state->HasPinsForHost(&domain_state, "ssl.gstatic.com", true)); EXPECT_TRUE(state->HasPinsForHost(&domain_state, "ssl.google-analytics.com", @@ -656,10 +664,6 @@ TEST_F(TransportSecurityStateTest, OptionalHSTSCertPins) { EXPECT_TRUE(state->HasPinsForHost(&domain_state, "www.google-analytics.com", true)); - EXPECT_TRUE(state->HasPinsForHost(&domain_state, "mail.google.com", true)); - EXPECT_TRUE(state->HasPinsForHost(&domain_state, - "chatenabled.mail.google.com", - true)); EXPECT_TRUE(state->HasPinsForHost(&domain_state, "google.com", true)); EXPECT_TRUE(state->HasPinsForHost(&domain_state, "www.google.com", true)); EXPECT_TRUE(state->HasPinsForHost(&domain_state, |